Practical Timing Side-Channel Attacks on Memory Compression

Martin Schwarzl, Pietro Borrello, Gururaj Saileshwar, Hanna Müller, Michael Schwarz, Daniel Gruss

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

Compression algorithms have side channels due to their data-dependent operations.
So far, only the compressionratio side channel was exploited, e.g., the compressed data size.

In this paper, we present Decomp+Time, the first memory compression attack exploiting a timing side channel in compression algorithms.
While Decomp+Time affects a much broader set of applications than prior work.
A key challenge is precisely crafting attacker-controlled compression payloads to enable the attack with sufficient resolution.
Our evolutionary fuzzer, Comprezzor, finds effective Decomp+Time payloads that optimize latency differences such that decompression timing can even be exploited in remote attacks.
Decomp+Time has a capacity of 9.73 kB/s locally, and 10.72 bit/min across the internet (14 hops).
Using Comprezzor, we develop attacks that leak data bytewise in four different case studies:
First, we leak 1.50 bit/min from Memcached on a remote PHP script.
Second, we leak database records with 2.69 bit/min, from PostgreSQL in a Python-Flask application, over the internet.
Third, we leak secrets with 49.14 bit/min locally from ZRAM-compressed pages on Linux.
Fourth, we leak internal heap pointers from the V8 engine within the Google Chrome browser on a system using ZRAM.
Thus, it is important to re-evaluate the use of compression on sensitive data even if the application is only reachable via a remote interface.
Originalspracheenglisch
Titel43th IEEE Symposium on Security and Privacay: IEEE S&P 2023
Seiten1186-1203
DOIs
PublikationsstatusVeröffentlicht - 2023
Veranstaltung43th IEEE Symposium on Security and Privacay: IEEE S&P 2023 - San Francisco, USA / Vereinigte Staaten
Dauer: 22 Mai 202324 Mai 2023

Konferenz

Konferenz43th IEEE Symposium on Security and Privacay
KurztitelIEEE S&P 2023
Land/GebietUSA / Vereinigte Staaten
OrtSan Francisco
Zeitraum22/05/2324/05/23

Fingerprint

Untersuchen Sie die Forschungsthemen von „Practical Timing Side-Channel Attacks on Memory Compression“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren